Show Notes:

UK PM David Cameron is proposing that the police, intelligence agencies and telecom industry investigate whether it would be right and technically feasible to disable access to social networks during times of civil unrest.

“Everyone watching these horrific actions will be struck by how they were organised via social media”

This is obviously the wrong way to solve the problem, and it will never work. Even if the telcos block access to Facebook and Twitter via the Internet and cellular networks, rioters could just use text message trees like those that were used to organize the riots in Egypt.

Some are even proposing entirely disabling the cellular networks in affected areas; however, this would be seriously disruptive considering that many in the UK only have cellular phones. Leaving citizens without access to emergency services would obviously be untenable.

Even if the UK government were successful in blocking access to the major social networks, protesters could use other networks; there are an infinite number of competing services. Protesters could also use proxies and other techniques to mask their access to social media. This is commonplace in workplaces that block access to the sites.

A number of people have already been arrested for posting messages on Facebook that were said to be ‘inciting violence’ and ‘public disorder’.

The P25 radios used by many Federal Law Enforcement Agencies support encryption, but do not always use it. Many messages are sent in the clear, even when the users believe they are communicating securely.

This vulnerability results in trivial passive attacks, where the supposedly secure communications can be eavesdropped on.

The P25 radios are also subject to active attacks. An attacker with very modest resources is able to jam specific types of communication to and from the P25. This would allow an attacker to block LEOs in the area from sending or receiving encrypted messages.

The available symmetric encryption systems are DES, 3DES and AES. Obviously the first two options have not been considered secure for many years.

Because the radios are based on a best-effort protocol, and do not have the ability to retransmit garbled frames, advanced encryption mechanisms like CBC (Cipher Block Chaining) cannot be used. This also means that MAC (Message Authentication Code) cannot be used to verify that the incoming transmissions have not been altered.

Because of this, it is possible for an attacker to impersonate a legitimate user, inject voice and data traffic, and replay captured traffic, resulting in false signals, even when the messages are encrypted.
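An added illustration of the point above (not code from the show or from the P25 standard): a receiver that decrypts without checking a tag accepts both a replayed frame and a frame altered in transit, while a receiver that checks a per-frame tag and counter rejects both. The SHA-256 keystream, the keys, the frame layout and all names are constructed for this example and are not P25's.

```python
import hashlib
import hmac

ENC_KEY = b"constructed-enc-key"  # constructed sample keys, not real material
MAC_KEY = b"constructed-mac-key"

def keystream(counter: int, n: int) -> bytes:
    # Stand-in stream cipher (SHA-256 in counter mode); NOT a P25 algorithm.
    out, block = b"", 0
    while len(out) < n:
        seed = ENC_KEY + counter.to_bytes(8, "big") + block.to_bytes(4, "big")
        out += hashlib.sha256(seed).digest()
        block += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def tag_for(data: bytes) -> bytes:
    return hmac.new(MAC_KEY, data, hashlib.sha256).digest()[:8]  # truncated tag

def seal(counter: int, plaintext: bytes, with_mac: bool) -> bytes:
    # Hypothetical frame layout: 8-byte counter | ciphertext | optional 8-byte tag
    frame = counter.to_bytes(8, "big") + xor(plaintext, keystream(counter, len(plaintext)))
    return frame + (tag_for(frame) if with_mac else b"")

class Receiver:
    def __init__(self, with_mac: bool):
        self.with_mac, self.last_counter = with_mac, -1

    def accept(self, frame: bytes):
        """Return the decrypted payload, or None if the frame is rejected."""
        if self.with_mac:
            frame, tag = frame[:-8], frame[-8:]
            if not hmac.compare_digest(tag, tag_for(frame)):
                return None  # altered or forged frame
        counter, body = int.from_bytes(frame[:8], "big"), frame[8:]
        if self.with_mac:
            if counter <= self.last_counter:
                return None  # replay of an already-seen frame
            self.last_counter = counter
        return xor(body, keystream(counter, len(body)))

def demo(with_mac: bool):
    rx = Receiver(with_mac)
    captured = seal(1, b"unit 12 hold position", with_mac)
    first, replayed = rx.accept(captured), rx.accept(captured)
    altered = bytearray(seal(2, b"unit 12 hold position", with_mac))
    altered[8] ^= 0x01  # one ciphertext bit changed in transit
    return first, replayed, rx.accept(bytes(altered))
```

`demo(False)` returns the replayed message and a silently modified plaintext; `demo(True)` returns `None` for both.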

Reports indicate that a successful Man-in-the-Middle attack was executed against devices in and around the Defcon venue.

The attackers were able to gain permanent kernel-level root access in some Android and PC devices by using rootkits and non-persistent user space access in some other devices. In both cases, whoever launched this attack against both CDMA and 4G devices was able to steal data and monitor conversations.

It is speculated that the attacker was able to inject specially crafted packets into the data streams, possibly displaying prompts to the user that, if accepted, would install the rootkit.

Once the device is compromised, it is trivial to monitor ongoing communications or steal the 4G encryption key.